fixes #192

2026-01-13 02:28:41 +00:00 · 2020-02-07 22:34:43 +01:00 · 2020-02-07 22:34:43 +01:00 · 71e2d7fc67
commit 71e2d7fc67
parent d0d77c9b9b
2 changed files with 24 additions and 2 deletions
--- a/Router/SocketRouter.php
+++ b/Router/SocketRouter.php
@ -95,6 +95,7 @@ final class SocketRouter implements RouterInterface
     * @param string $app     Application name
     * @param int    $orgId   Organization id
     * @param mixed  $account Account
+     * @param array  $data    Data
     *
     * @return array[]
     *
@ -104,7 +105,8 @@ final class SocketRouter implements RouterInterface
        string $uri,
        string $app = null,
        int $orgId = null,
-        $account = null
+        $account = null,
+        array $data = null
    ) : array
    {
        $bound = [];
@ -125,6 +127,15 @@ final class SocketRouter implements RouterInterface
                    return $app !== null ? $this->route('/' . \strtolower($app) . '/e403') : $this->route('/e403');
                }

+                // if data check is invalid
+                if (isset($d['data'])) {
+                    foreach ($d['data'] as $name => $pattern) {
+                        if (!isset($data[$name]) || \preg_match($pattern, $data[$name]) !== 1) {
+                            return $app !== null ? $this->route('/' . \strtolower($app) . '/e403') : $this->route('/e403');
+                        }
+                    }
+                }
+
                $bound[] = ['dest' => $d['dest']];
            }
        }
--- a/Router/WebRouter.php
+++ b/Router/WebRouter.php
@ -123,6 +123,7 @@ final class WebRouter implements RouterInterface
     * @param string $app     Application name
     * @param int    $orgId   Organization id
     * @param mixed  $account Account
+     * @param array  $data    Data
     *
     * @return array[]
     *
@ -134,7 +135,8 @@ final class WebRouter implements RouterInterface
        int $verb = RouteVerb::GET,
        string $app = null,
        int $orgId = null,
-        $account = null
+        $account = null,
+        array $data = null
    ) : array
    {
        $bound = [];
@ -164,6 +166,15 @@ final class WebRouter implements RouterInterface
                        return $app !== null ? $this->route('/' . \strtolower($app) . '/e403', $csrf, $verb) : $this->route('/e403', $csrf, $verb);
                    }

+                    // if data check is invalid
+                    if (isset($d['data'])) {
+                        foreach ($d['data'] as $name => $pattern) {
+                            if (!isset($data[$name]) || \preg_match($pattern, $data[$name]) !== 1) {
+                                return $app !== null ? $this->route('/' . \strtolower($app) . '/e403', $csrf, $verb) : $this->route('/e403', $csrf, $verb);
+                            }
+                        }
+                    }
+
                    $bound[] = ['dest' => $d['dest']];
                }
            }